CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Configurations

Configuration 1

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Information

Published : 2022-06-09 05:15

Updated : 2022-08-19 12:54


NVD link : CVE-2022-31813

Mitre link : CVE-2022-31813

Products Affected
No products.
CWE